package org.apache.ws.security.action;

import java.util.ArrayList;
import java.util.List;
import org.apache.ws.security.SOAPConstants;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandler;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecUsernameToken;
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;

/* loaded from: input_file:targets/liberty855/third-party/com.ibm.websphere.appserver.thirdparty.wsSecurity_1.0.0.jar:org/apache/ws/security/action/UsernameTokenSignedAction.class */
public class UsernameTokenSignedAction implements Action {
    @Override // org.apache.ws.security.action.Action
    public void execute(WSHandler wSHandler, int i, Document document, RequestData requestData) throws WSSecurityException {
        List<WSEncryptionPart> arrayList;
        WSPasswordCallback passwordCB = wSHandler.getPasswordCB(requestData.getUsername(), i, wSHandler.getPasswordCallbackHandler(requestData), requestData);
        WSSecUsernameToken wSSecUsernameToken = new WSSecUsernameToken(requestData.getWssConfig());
        if (requestData.isUseDerivedKey()) {
            wSSecUsernameToken.addDerivedKey(requestData.isUseDerivedKeyForMAC(), null, requestData.getDerivedKeyIterations());
        } else {
            wSSecUsernameToken.setPasswordType(requestData.getPwType());
            wSSecUsernameToken.setSecretKeyLength(requestData.getSecretKeyLength());
        }
        wSSecUsernameToken.setUserInfo(requestData.getUsername(), passwordCB.getPassword());
        wSSecUsernameToken.addCreated();
        wSSecUsernameToken.addNonce();
        wSSecUsernameToken.prepare(document);
        WSSecSignature wSSecSignature = new WSSecSignature(requestData.getWssConfig());
        wSSecSignature.setCustomTokenValueType(WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE);
        wSSecSignature.setCustomTokenId(wSSecUsernameToken.getId());
        wSSecSignature.setSecretKey(wSSecUsernameToken.getSecretKey());
        wSSecSignature.setKeyIdentifierType(9);
        if (requestData.getSigDigestAlgorithm() != null) {
            wSSecSignature.setDigestAlgo(requestData.getSigDigestAlgorithm());
        }
        if (requestData.getSigAlgorithm() != null) {
            wSSecSignature.setSignatureAlgorithm(requestData.getSigAlgorithm());
        } else {
            wSSecSignature.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
        }
        wSSecSignature.prepare(document, null, requestData.getSecHeader());
        if (requestData.getSignatureParts().size() > 0) {
            arrayList = requestData.getSignatureParts();
        } else {
            SOAPConstants soapConstants = requestData.getSoapConstants();
            if (soapConstants == null) {
                soapConstants = WSSecurityUtil.getSOAPConstants(document.getDocumentElement());
            }
            arrayList = new ArrayList();
            arrayList.add(new WSEncryptionPart(WSConstants.ELEM_BODY, soapConstants.getEnvelopeURI(), "Content"));
        }
        try {
            wSSecSignature.computeSignature(wSSecSignature.addReferencesToSign(arrayList, requestData.getSecHeader()));
            requestData.getSignatureValues().add(wSSecSignature.getSignatureValue());
            wSSecUsernameToken.prependToHeader(requestData.getSecHeader());
        } catch (WSSecurityException e) {
            throw new WSSecurityException("WSHandler: Error during UsernameTokenSignature", e);
        }
    }
}
